SAP's Matthew Valites on Why He Is a Proponent of Detection as Code

On this week's episode of the Detection at Scale podcast, Jack talks with Matthew Valites, Director of Threat Detection & Operational Strategy at SAP. They discuss which threat detection approach works the best, what metrics Matthew uses to gauge his programs, and why Matthew is a proponent of using detection as code. 

Matthew also looks to the future and gives his prediction on what role technology such as GenAI will play in the security landscape. They close out their conversation with some actionable lessons from Matthew's book, Crafting the Infosec Playbook. 

Topics discussed:

• Which threat-detection approach works the best (hint: it's usually the one that provides the most visibility).
• How Matthew manages the different logic in different environment using tailored macros.
• What metrics Matthew uses to gauge his programs and how he keeps track of those metrics.
• Why Matthew is a huge proponent of using detection as code, including the CIDC element it brings.
• What makes GenAI so exciting, and what its role might be in the future.
• How Matthew tries to take care of his team's mental and physical health.
• Actionable lessons from the book Matthew co-authored, “Crafting the Infosec Playbook”, such as espousing the values of a service-based approach.